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Claims 

1 . A transaction authorisation system comprising means for authorising a 
transaction according to stored conditions and for interfacing with a 

5 transaction system, wherein 

the authorisation system (2) comprises an authorisation model (4) having 
a plurality of authority states (10) defining a plurality of required 
signatories for authorisation of a proposed transaction; 

10 

the system (2) comprises means for allowing online user definition and 
updating of the model (4) using user client systems; and 

the system comprises means (3) for receiving a request for a proposed 
15 transaction, for determining an applicable authority state (10), and for 

authorising the proposed transaction when sufficient signatory approvals 
have been received to satisfy the authority state. 

2. A transaction authorisation system as claimed in claim 1 , wherein at least 
20 some authority states comprises a signatory group (21) of signatory nodes 

(24), whereby all signatories of the group must approve. 

3. A transaction authorisation system as claimed in claim 1, wherein at least 
some authority states (10) comprise a signatory set (30) of signatory 

25 nodes (31), whereby any one signatory of the set must approve. 



A transaction authorisation system as claimed in claim 2, wherein at least 
some authority states (10) comprise a complex hierarchical structure of 
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groups and sub-groups, the structure comprising at least three 
hierarchical levels. 

A transaction authorisation system as claimed in claim 3, wherein at least 
some authority states (10) comprise a hierarchical structure of sets and 
sub-sets. 

A transaction authorisation system as claimed in claim 1, wherein each 
authority state (10) is associated with a transaction type as defined by 
conditions (11). 

A transaction authorisation system as claimed in claim 6, wherein the 
system (2) comprises a template update interface comprising means for 
allowing users to update and define the conditions using a graphical 
display. 

A transaction authorisation system as claimed in claim 7, wherein said 
interface (30) comprising means for allowing users to define the authority 
states (10) using a graphical display. 

A transaction authorisation system as claimed in claim 7, wherein the 
system (2) comprises means for storing a user-defined template for each 
associations of conditions (11) and authority state (10), for determining 
(42) a relevant template for a proposed transaction if parameters of the 
proposed transaction satisfy the conditions, and for retrieving an authority 
state (10) associated with the template. 

A transaction authorisation system as claimed in claim 1, wherein the 
system comprises means for transmitting (49) a notification to all 



10 
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signatories of a selected authority state (10), and for dynamically 
monitoring (50) received responses to determine if the authority state is 
satisfied. 

11. A transaction authorisation system as claimed in claim 1, wherein the 
system (2) further comprises means for downloading a wizard program 
(55) via an encrypted connection to a user client system (1), the wizard 
program (55) being for guiding a user through a process of defining the 
control model (4). 

12. A transaction authorisation system as claimed in claim 1, wherein the 
system (2) comprises an online server (3) for user access, said server 
comprising :- 



15 a web channel (60, 61 ) for user control model definition; and 

a channel manager (70, 71, 72) for real time transaction execution. 

13. A transaction authorisation system as claimed in claim 12, wherein the 
20 web channel comprises an account list filter (61) comprising means for 

building a list of allowable funding accounts associated with a user. 

14. A transaction authorisation system as claimed in claim 12, wherein the 
web channel further comprises a transaction type filter (60) comprising 

25 means for building a list of allowable transaction types associated with a 

user. 



15. 



A transaction authorisation system as claimed in claim 12, wherein the 
channel manager comprises an authorisation data manager (71) 
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comprising means for building look-up tables within objects by querying 
a rule database. 

A transaction authorisation system as claimed in claim 15, wherein the 
authorisation data manager (71) comprises means for building said 
objects at the start of a user session and for caching said objects for 
processing of request by the user. 

A transaction authorisation system as claimed in claim 15, wherein the 
channel manager comprises an authorisation rule engine (70) 
comprising means for querying the authorisation data manager (71) to 
check if a proposed transaction meets transaction conditions, and for 
managing notification of signatures specified in the relevant authority 
state. 

A transaction authorisation system as claimed in claim 1 7, wherein the 
system further comprises a role manager (72) comprising means for:- 

authenticating a user to determine a user identifier; 

using the identifier to determine a plurality of roles associated with 
the user, said roles containing access level permission values; 

building a role object comprising a combination of all of said role 
permission values; and 

using said role object to control user access to the system during a 
session. 
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19. A transaction authorisation system as claimed in claim 18, wherein said 
permissions comprise "enabled", "excluded", and "don't care" flags for a 
user for an access level. 

5 20. A transaction authorisation system as claimed in claim 19, wherein the 
role manager comprises means for combining the permission values 
with an excluded flag over-riding enabled flags. 

21. A transaction authorisation system substantially as described with 
10 reference to the drawings. 

22. A computer program product comprising software code for performing 
authorisation operations of an authorisation system of claim 1 when 
executing on a digital computer. 

15 



